Handing data the ACCA way

Areas of expertise


ACCA are a global leading body for professional accountants, building partnerships around the world to help make society fairer and more transparent. Its members are known and trusted as the world’s best-qualified and most highly sought-after accountants. ACCA professionals work hard to protect the public interest within a landscape of fast-changing world needs.

Undoubtedly, data is one of the most powerful assets for any business. ACCA’s aim was to cultivate a proactive workforce who understand the vital role they play in making sure they report any potential concerns. They need to handle data in line with all EU General Data Protection Regulations (GDPR) which were enforced from May 2018.

The challenge

ACCA identified the pressing need to ensure that global employees (including agency workers and contractors) handle, process and store data in adherence not only to ACCA’s current policies, but to the latest legislative regulations.

To ensure its global workforce is data privacy savvy, ACCA offers so much more than just risk and regulatory compliance – this is what sets them apart as an forward-thinking organisation. ACCA recognised the importance of proactively nurturing a collective culture of responsibility. That’s why their employees needed to be vigilant and efficient people who protect data as if it’s their own.

Why Saffron?

Saffron was a clear choice as ACCA’s preferred learning partner, having developed a strong relationship in a consulting and delivery role and a proven track record of delivering successful and memorable courses for ACCA. Saffron’s unique approach to learning experience design has resonated with staff across the global organisation, sparking conversation and debate to create a culture of compliance.

Saffron’s experience in data privacy is extensive; we’ve worked with AB Foods, BT, Telefonica, and William Hill on equipping learners with the ability to protect internal and external data.

Our approach

Both ACCA and Saffron knew that to really change the learner’s behaviour, they needed to identify with those who suffer the consequences of data misuse and remember that they themselves are also consumers who are asked to share their data daily. We needed to appeal to intrinsic motivators that are relatable and resonate with the learner.

We therefore introduced a framing narrative for the course. At its start, the learner is immediately placed in the centre of the action as they experience the familiar fear of running late for an important client meeting. This dramatic opening engages the learner and makes the course relatable right from the very beginning. To get to the meeting on time, the learner signs up to a fictional ride-sharing app, ‘Zoom’, and which requires them to share their data.

The act of giving away their data at the beginning of the overarching narrative means that the learner becomes emotionally invested in the story that unfolds throughout the course. The purpose of this story is to enable learners to recognise the ease with which they hand over personal data on a daily basis, and as the story develops, the consequences of doing so.

As the course progresses, the learner receives unsolicited emails and social media messages. In this way, learners experience the consequences of data misuse, creating an emotionally charged experience that they can identify with.

Alongside this, the learner advises colleagues on data issues in scenarios that are specific to real life situations at ACCA. This means that learners can respond to data-related situations, and see how the consequences of their actions play out in a safe environment rather than in the real world. We used our test-then-tell approach to avoid patronising the learner and instead motivate them by giving them an opportunity to either get something right or learn something new.

The course was broken into bitesize, easily digestible units which each covered a vital aspect of ACCA’s data privacy policies, including the DPA:

  • Differentiating between Personal and Sensitive personal data
  • Giving notice or asking for consent
  • Data owner and the Data processor
  • Reporting data breaches
  • Handling data information requests

The learner’s responses to scenarios in each unit are assessed and learners are required to score at least 80% in a unit to be awarded each key principle badge. This ensures a culture of efficiency in handling people’s data.

We applied game mechanics by making the learner’s score visible as an icon throughout each unit, providing a visual cue to spur them on; learners can see their score level rise when they get a question right, motivating them to continue and fill up the badge to become a data guru!


Handling data the ACCA way has, in its first few weeks, made an impact on the organisation. As well as record completion levels, discussions within the organisation have allowed learners to relate the course’s scenarios to their own actions in the workplace and the appetite for further learning has grown.

What our clients say

Let's get to work

Have an unsolvable problem or an audacious idea?